<?php
/* -------------------------------------------------------------------------
 * Nom du fichier : inc_profil.php
 * Fichier validé : 07/11/12
 * -------------------------------------------------------------------------
 */

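// Database class used by every function below. require_once: a missing
// file is fatal here anyway (new Database would fail), and a second
// inclusion of a class file must not trigger "Cannot redeclare class".
require_once SITE_ROOT . '/inc/class_db.php';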

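/**
 * Renders the profile box (mail + new password form) and, when the form
 * was posted with updatetodb=update, applies the change and emits the
 * <script> that displays the result in #popmsg.
 *
 * Output only: HTML/JS is written straight to the response. Relies on
 * getuserinfo(), firstlogin() and updateinfotodb() from this file and on
 * the client-side checkPasswords()/validupdateprofil()/clearmsg() helpers
 * defined elsewhere.
 */
function boxprofil() {
	// Current user's row (mail, first_con, ...) as returned by getuserinfo().
	$user = getuserinfo();

	// Escaped for an HTML attribute: the mail is user-supplied (it is saved
	// by updateinfotodb()) and used to be echoed raw into value="...".
	// Assumes the page is served as UTF-8 (the accented literals below
	// suggest so) — confirm.
	$mailAttr = htmlspecialchars((string) $user['mail'], ENT_QUOTES, 'UTF-8');

	// Emits the <script> that shows $text in #popmsg. On a first visit the
	// #messagebox banner rendered by firstlogin() is hidden as well;
	// $autoClear adds the 3 s clearmsg() timer used for the success message.
	// $text is a constant from this file; single quotes, backslashes and line
	// breaks are escaped so it can sit inside the JS single-quoted literal.
	$popmsg = function ($text, $autoClear) use ($user) {
		$jsText = addcslashes($text, "'\\\r\n");
		?>
					<script>
						localStorage.setItem('result', '<?php echo $jsText; ?>');
						var msg = localStorage.getItem('result');
						if (msg) {
							<?php if ($user['first_con'] == 0) { ?>
							document.getElementById('messagebox').style.display= 'none';
							<?php } ?>
							document.getElementById('popmsg').style.display= 'block';
							document.getElementById('popmsg').innerHTML= msg;
							<?php if ($autoClear) { ?>
							var msg = setTimeout("clearmsg()",3000);
							<?php } ?>
						}
					</script>
					<?php
	};

	//Contenu central
	?>
	<section>
		<p id="popmsg"></p>
		<?php firstlogin(); ?>
		<div id="profilbox">
			<form  method="post" id="updateprofil" action="<?=SITE_ROOT?>/front/profil.php" autocomplete="on">
				<div>
					<input type="hidden" name="updatetodb" />
				</div>
				 <p> 
					<label for="mail" data-icon="e">Ton mail :</label>
					<input id="mail" name="mail" required="required" type="email" placeholder="Ton mail" value="<?php echo $mailAttr; ?>"/>
				 </p>
				 <p> 
					<label for="password1" data-icon="p">Ton nouveau mot de passe :</label>
					<input id="password1" name="password1" required="required" type="password" oninput="checkPasswords()" placeholder="Ton nouveau mot de passe" /> 
				 </p>
				 <p> 
					<label for="password2" data-icon="p">Confirme ton nouveau mot de passe :</label>
					<input id="password2" name="password2" required="required" type="password" oninput="checkPasswords()" placeholder="Confirme ton nouveau mot de passe" /> 
				 </p>
				 <p class="login button"> 
					<input type="submit" value="Valider" onclick="javascript:validupdateprofil()"/> 
				 </p>
			</form>
		</div>
	</section>
	<?php

	//Update mail et password
	// NOTE: the form above was rendered from the row fetched before this
	// update, so after a successful save the mail field still shows the
	// previous value until the page is loaded again.
	if (isset($_POST['updatetodb']) && $_POST['updatetodb'] === 'update') {
		// updateinfotodb() returns array(code, message); codes: 0 success,
		// 1 passwords differ, 2 empty password, 3 query failed.
		$result = updateinfotodb();
		switch ($result[0]) {
			case 0:
				$popmsg('Mot de passe mis à jour avec succès', true);
				break;
			case 1:
				$popmsg('Les mots de passe ne sont pas identiques', false);
				break;
			case 2:
				$popmsg('Le mot de passe ne peut pas être vide', false);
				break;
			case 3:
				echo '<h>SQL Error</h>';
				break;
		}
	}
}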

/**
 * Loads the row of the current user from the `users` table.
 *
 * Returns whatever Database::retourLigne() yields for the first matching
 * row — presumably an associative array, since callers index ['mail'] and
 * ['first_con'] (class_db.php is not visible from here).
 */
function getuserinfo() {
	// Login name to look up: the "cookie_login" cookie takes precedence,
	// otherwise the session login.
	// NOTE(review): a cookie value is chosen by the client, so it must not
	// serve as the identity source — the server-side session should. Both
	// values are also concatenated into the SQL unescaped; bind them through
	// the Database class if it supports that (its API is not visible here).
	$login = !empty($_COOKIE['cookie_login'])
		? $_COOKIE['cookie_login']
		: $_SESSION['login'];

	// Opens the database connection
	$db = new Database;
	$db->select_query("SELECT * FROM users WHERE `nom`='" . $login . "'");

	return $db->retourLigne();
}

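/**
 * Validates the posted profile form and writes the new mail / password
 * for the session user, marking first_con = 1.
 *
 * Reads $_POST['mail'], $_POST['password1'], $_POST['password2'] and
 * $_SESSION['user_id'].
 *
 * @return array array(code, message) with code 0 success, 1 passwords
 *               differ, 2 empty password, 3 query failed (message is the
 *               text from error_get_last(), or null if none was recorded).
 */
function updateinfotodb() {
	// Form fields; a missing field becomes '' instead of raising an
	// undefined-index notice.
	$mail = isset($_POST['mail']) ? $_POST['mail'] : '';
	$pwd1 = isset($_POST['password1']) ? $_POST['password1'] : '';
	$pwd2 = isset($_POST['password2']) ? $_POST['password2'] : '';
	$userid = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : '';

	// Both passwords must match exactly (byte comparison).
	if ($pwd1 !== $pwd2) {
		return array(1, "Password pas identique");
	}

	// Was empty($pwd1), which also rejected the password "0".
	if ($pwd1 === '') {
		return array(2, "Merci d'indiquer un password");
	}

	//SQL
	// NOTE(review): $mail comes straight from the form and is concatenated
	// into the statement unescaped — bind it via the Database class if it
	// offers a way to do so; its API is not visible from this file.
	// NOTE(review): unsalted sha1 is a weak password hash; switching to
	// password_hash() also means changing wherever the login compares it.
	$db = new Database;
	$sql = "UPDATE `users` SET `pwd` = '".sha1($pwd1)."', `mail` = '".$mail."', `first_con` = 1  WHERE `id` ='".$userid."';";

	// basic_query() is assumed to return false on failure; the '@' keeps the
	// driver warning off the page and error_get_last() recovers its text.
	if (!@$db->basic_query($sql)) {
		$last = error_get_last();
		return array(3, isset($last['message']) ? $last['message'] : null);
	}

	return array(0, 'Success');
}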

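/**
 * Shows the first-visit banner (#messagebox) when the session user's
 * first_con flag is 0, and records the outcome in the global $firstlogin
 * ('0' = first visit, banner shown; '1' otherwise).
 *
 * The original used `$firstlogin == '0'` — a comparison, not an
 * assignment — so the global was never actually written.
 */
function firstlogin() {
	global $firstlogin;

	//SQL
	// NOTE(review): $_SESSION['login'] is concatenated into the query
	// unescaped; bind it through the Database class if it offers a way to.
	$db = new Database;
	$sql = "SELECT first_con FROM users WHERE `nom`='".$_SESSION['login']."'";
	$db->select_query($sql);
	$row = $db->retourLigne();

	// No row (retourLigne() returning false) behaves like first_con = 0,
	// as before, but without indexing into a non-array.
	$firstCon = is_array($row) ? $row['first_con'] : null;

	if ($firstCon == 0) {
		$firstlogin = '0';
		?>
        <div id="messagebox">
            <p>Salut,</p>
            <p>C'est ta première visite sur le site, il faut que tu indiques ton mail et que tu changes ton mot de passe</p>
            <p>Thanks !</p>
        </div>
        <?php
	}
	else {
		$firstlogin = '1';
	}
}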
